# How to block all the outbound traffic while allowing SSH connections?

Learn how to block all the outbound traffic while allowing SSH connections from the portal step-by-step.

**Step 1:** [Login](https://customer.acecloudhosting.com/index.php?m=ace_product_register_addon\&action=login) to your account.

<figure><img src="https://2627469859-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4xe4XNC0Kdt8dOCWNCOa%2Fuploads%2FQX6TXHZFPqi9Ch9dg4MN%2Fimage.png?alt=media&#x26;token=4b096134-afa9-4ed1-baa7-ab59ba83406e" alt=""><figcaption></figcaption></figure>

**Step 2**: From the left-hand side menu, select **Networks** and click **Security Group**.

<figure><img src="https://2627469859-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4xe4XNC0Kdt8dOCWNCOa%2Fuploads%2FW7AYncT3crwKKD8kvyvB%2Fimage.png?alt=media&#x26;token=f1267bd0-8dfb-4962-a198-fe6e12b59346" alt=""><figcaption></figcaption></figure>

**Step 3:** Choose the security group where you want to change the rules.

<figure><img src="https://2627469859-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4xe4XNC0Kdt8dOCWNCOa%2Fuploads%2Fra0aIkgKkYM8Lrh7AAo0%2Fimage.png?alt=media&#x26;token=c2881e2f-ab58-4893-a30c-4084801ac5ac" alt=""><figcaption></figcaption></figure>

**Step 4:** Click on **Create New Rule** to set a rule in a security group.

<figure><img src="https://2627469859-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4xe4XNC0Kdt8dOCWNCOa%2Fuploads%2FnDtNertVHuodfRtxzt5P%2Fimage.png?alt=media&#x26;token=bb9d1e08-e52a-48a1-91b4-a389549c35bb" alt=""><figcaption></figcaption></figure>

**Step 5**: Enter the following details according to your requirements and security needs:&#x20;

<figure><img src="https://2627469859-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4xe4XNC0Kdt8dOCWNCOa%2Fuploads%2Fcu2Yd6Ce6rxD2t0t22SF%2Fimage.png?alt=media&#x26;token=4a02d7ff-8fed-4656-b95e-dbfff7c46e0f" alt=""><figcaption></figcaption></figure>

<table data-full-width="false"><thead><tr><th width="151.5">Field </th><th>Description </th></tr></thead><tbody><tr><td><strong>Rule</strong> </td><td>Specify the desired rule template or use custom rules such as Custom TCP Rule, Custom UDP Rule, or Custom ICMP Rule. </td></tr><tr><td><strong>Description</strong> </td><td>Add a brief description of the rule. </td></tr><tr><td><strong>Direction</strong> </td><td><p>Select the desired filter out of the two available filters i.e., ingress and egress. The ingress and egress rules are used to control traffic within and across the network boundary. Let’s know them individually: </p><p><strong>Ingress:</strong> It refers to a set of rules which are used to block outbound traffic coming toward the server. </p><p><strong>Egress:</strong> It refers to a set of rules which are used to allow traffic to pass from your server to the outer world. </p><p> </p></td></tr><tr><td><strong>Open Port/Port Range</strong> </td><td><p>For TCP and UDP rules you may choose to open either a single port or a range of ports. </p><p> </p></td></tr><tr><td><strong>Remote</strong> </td><td>Specify the source of the traffic to be allowed via this rule. You may do so either in the form of an IP address block (CDR) or via a source group (Security Group). </td></tr></tbody></table>

Then, click the **Add Rule** button.

Therefore, if you want to allow SSH connections while blocking all the outbound traffic with a cloud firewall, you need to select the Egress filter rule in the **Direction** category.&#x20;